THE OPERATIONAL MANAGEMENT OF SIS II BY THE COMMISSION, AND WHETHER THE RULES ENSURE ACCOUNTABILITY

  During discussions on SIS II, the provisions on management of the system have been extensively discussed, in order to ensure that the system continues to function effectively during the transition from SIS I+ to SIS II, while being established on a firm legal base.

  As a result, the provisions relating to management have been amended, allowing for a short- and long-term solution to the management of SIS II. In the short term, the Commission will be responsible for management of SIS II. In practice, it will delegate this responsibility to the authorities in the Member States where the existing system, SIS I+, is located (France and Austria). There are clear rules on how responsibility will be delegated, and the duties and obligations on the Commission and the authorities to which management is delegated.

  In the long term, it is unlikely that the Commission will be given responsibility for the operational management of SIS II. Several options have been proposed for the long-term solution for management of SIS II. These include management by Frontex (the European borders agency), Europol, the Commission, or a new cross-pillar agency. Of these the first two have been rejected. The UK does not participate in Frontex (which is purely first pillar), and Europol is a third pillar body funded by the Member States rather than the Community budget, so neither is ideally suited to hosting a database holding both first and third pillar data. Management by the Commission proved unpopular with most Member States.

  Most Member States support the creation of a new cross-pillar agency to manage SIS II, subject to a suitable impact assessment. The legal instruments therefore provide for a Management Authority to be responsible for the long term operational management of SIS II. The advantage of a cross-pillar agency is that it would reflect the first-pillar immigration content of SIS II, as well as the third pillar law enforcement content. The Government believes that this option provides the most sensible solution to management of SIS II in the long term, and will ensure that the Commission conducts a full impact assessment and considers, among other things, whether or not SIS II should be co-located with any other EU database. The legal instrument contains strict rules on security and confidentiality and record keeping that must be complied with by the Management Authority.

THE IMPLICATIONS OF INCLUDING BIOMETRIC DATA

  The addition of biometric data into the SIS II will provide significant improvements to the accuracy of the system making misidentification less likely. The insertion and use of biometric data will be subject to strict controls. Searching using biometric data will not be permitted until the necessary technology is available, which will ensure that misidentification of persons is minimised. Additionally, where there is a possibility that confusion may arise between the subject of a SIS II alert and another person, adding biometric data will greatly aid the prevention of the negative consequences arising from misidentification, as it will be possible to quickly establish where an individual is not the same person against whom an alert has been issued. The Government believes that there are strict safeguards in place to ensure that the addition of biometric data into SIS II will not compromise data protection.

THE PROVISIONS ON ALLOWING INTERLINKING OF ALERTS

  Allowing alerts to be linked will improve the functioning of the system. Links between alerts will not be allowed unless there is clear operational need for a link to be made. The Government believes that linking alerts will help with the aim of SIS II, ie the prevention, detection and investigation of crime. For example, the details of a stolen car in which it is believed an abducted child is being transported are linked to the alert on the missing child. Should the car be stopped and checked, the authority consulting SIS II will be informed that there is a link to a missing child. This will enable further enquiries to be carried out. Permitting links to be made will mean that SIS II is useful from an operational point of view. However, the legal instrument makes it clear that where there is no authorisation for a link to be viewed, the link will not appear when SIS II is searched. For instance, if there is a link between an alert on a stolen vehicle and an alert on refusal of entry, the UK will be able to see the alert on the stolen vehicle but will not see either the existence of a link or the entry refusal alert, since it does not have access to data on entry refusal.

THE CRITERIA FOR LISTING PERSONS TO BE REFUSED ENTRY

  The UK will not participate in the immigration provisions of SIS II; however the criteria for entering alerts on refusal of entry have been the subject of much debate. The text as amended requires entry refusal alerts to be entered into SIS II on the basis of an individual decision: ie decisions must be made on a case-by-case basis, so that the maximum amount of clarity and accountability is retained. The exception to this rule are the provisions for entering alerts based on UN travel bans, which have already been issued subject to stringent checks.

THE APPROPRIATENESS OF INCLUDING THIRD-COUNTRY NATIONAL FAMILY MEMBERS OF EU CITIZENS

  A recent ECJ case (Case C-503/03) found that Spain was in breach of EC law when it automatically refused to grant a visa to a third country family member of an EU citizen based on an entry refusal alert in SIS II. The court ruled that a Member State may not automatically refuse entry to a third-country national family member of an EU citizen to the Schengen area on the basis of an alert in the Schengen Information system without further consideration. The Council has taken note of this judgement and it is envisaged that amendments to the text will be made to reflect the ECJ's decision.

THE CLARITY OF RULES GOVERNING COLLECTION OF AND ACCESS TO DATA, INCLUDING THE DESIRABILITY OF GRANTING ACCESS TO IMMIGRATION DATA TO POLICE AND ASYLUM AUTHORITIES

  The UK does not participate in the immigration and border control provisions of the Schengen Acquis, and has no right of access to immigration data contained in the SIS II (covered by the SIS II Regulation) for immigration and border control purposes.

  The Government does however believe that there are operational grounds for sharing between law-enforcement the limited category of information on persons who are considered a threat on the basis of public security. In this context, it may be appropriate (subject to strict criteria) to allow limited access to immigration data for law enforcement and asylum authorities. Transition from SIS I to SIS II does not however mean that the UK can re-negotiate the basis upon which it participates in the Schengen Acquis. The UK would not be able to access immigration data for immigration purposes as part of these negotiations.

THE ADEQUACY OF DATA PROTECTION RULES, IN PARTICULAR AS REGARDS DATA WHICH MAY BE TRANSFERRED TO THIRD COUNTRIES

  The data protection regime for SIS II has been the subject of much debate during negotiations. The regime envisaged for the system is one which gives responsibility for the supervision of the management authority to the European Data Protection Supervisor (EDPS), and supervision in each Member State to the national supervisory authority (the Information Commissioner in the UK). There are provisions for cooperation between the national supervisory authorities and the EDPS in order to examine cross-cutting issues. There are also stringent rules on monitoring access, ensuring that adequate training is given for those who access the system, and purpose limitation provisions so that data can only be accessed by authorised personnel within the limits of the purposes defined in the legal instruments. The Government is content that these rules allow for a high standard of data protection, as well as ensuring a secure and effective system. There is no provision in the SIS II text for SIS II data to be transferred to third countries who will not participate in SIS II. Data will therefore not be transferred to third countries. Where it is envisaged that data will be shared with other parties (for instance Europol and Eurojust), the data protection regime has been robustly drafted to ensure that data is not misused.

THE IMPLICATION OF THE PLANS ON INTEROPERABILITY OF EU DATABASES

  The communication on interoperability was published by the Commission on 29 November 2005. The Government supports in principle efforts to improve the efficiency of existing databases, with due respect given to the limitations and constraints upon access. Interoperability or linkage of databases must not result in a situation where information on one database can be accessed without permission via another database.

THE UNITED KINGDOM'S POSITION ON THE SIS, PARTICULARLY THE NEED FOR ACCESS BY THE UK TO IMMIGRATION DATA

  The UK participates in the law enforcement (third pillar) aspects of the Schengen Acquis, but does not participate in the first pillar immigration and border control measures (as set out in Council Decision 2000/365/EC and Council Decision 2004/926/EC). Negotiations on the SIS II legal base are not an opportunity to change the terms of the UK's participation in the Schengen Acquis. Whilst the Government believes that there may be operational merit in accessing and exchanging entry refusal data contained in the SIS II for purposes other than border control (for instance law enforcement or asylum purposes), it accepts that the UK has no right to access immigration data for immigration purposes given that we have not acceded to the border control aspects of Schengen.

13 July 2006